GHSA-r4mw-gxf7-vxr9

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r4mw-gxf7-vxr9/GHSA-r4mw-gxf7-vxr9.json
Aliases
  • CVE-2020-0606
Published
2022-05-24T17:06:16Z
Modified
2023-01-31T02:30:03.774157Z
Details

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605.

References

Affected packages

NuGet / Microsoft.WindowsDesktop.App.Ref

Microsoft.WindowsDesktop.App.Ref

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.0.1
Fixed
3.0.2

Affected versions

3.*

3.0.1

NuGet / Microsoft.WindowsDesktop.App.Ref

Microsoft.WindowsDesktop.App.Ref

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.1.0
Fixed
3.1.1

Affected versions

3.*

3.1.0

NuGet / Microsoft.WindowsDesktop.App.Runtime.win-x86

Microsoft.WindowsDesktop.App.Runtime.win-x86

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.0.0
Fixed
3.0.2

Affected versions

3.*

3.0.0
3.0.1

NuGet / Microsoft.WindowsDesktop.App.Runtime.win-x86

Microsoft.WindowsDesktop.App.Runtime.win-x86

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.1.0
Fixed
3.1.11

Affected versions

3.*

3.1.0
3.1.1
3.1.10
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9

NuGet / Microsoft.WindowsDesktop.App.Runtime.win-x64

Microsoft.WindowsDesktop.App.Runtime.win-x64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.0.0
Fixed
3.0.2

Affected versions

3.*

3.0.0
3.0.1

NuGet / Microsoft.WindowsDesktop.App.Runtime.win-x64

Microsoft.WindowsDesktop.App.Runtime.win-x64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.1.0
Fixed
3.1.11

Affected versions

3.*

3.1.0
3.1.1
3.1.10
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9